Digital Shadows Research Reveals Password and Username Reuse is Major Threat to Enterprise Security
Dubai, UAE, May 28, 2017 – Digital Shadows, the industry leader in digital risk management, today unveiled research into some of the main techniques cybercriminals are using to target organizations using stolen credentials which have been reused across a variety of sites and online forums. The report “Protect Your Customer and Employee Accounts: 7 Ways To Mitigate The Growing Risks Of Account Takeovers” also outlines what measures organizations can implement to protect against such attacks.The research reveals that cybercriminals are increasingly turning to credential stuffing tools to automate attempts at account takeover. This is a type of brute force attack whereby large sets of credentials are automatically inserted into login pages until a match with an existing account is found. Based on configurations, the most common targets for these attacks are the gaming, technology, broadcasting and retail sectors.
Last year Digital Shadows found that 97% of businesses in the ‘Forbes 1000’ had their valuable credentials exposed, usually by employees using the same details across multiple sites and platforms. Now criminals are recognizing that employees often have poor username and password discipline to use these in mass automated credential stuffing attacks aiming to gain access to corporate networks.
“Many organizations are suffering breach fatigue due to the huge numbers of credentials exposed via not only high profile incidents like those suffered by Myspace, LinkedIn and Dropbox, but also from tens of thousands of smaller breaches,” said Rick Holland, VP Strategy at Digital Shadows. “But it is critical that businesses arm themselves with the necessary intelligence and insight to manage their digital risk and prevent this problem credential exposure from escalating into an even more severe problem.”
The report also suggests that while multi-factor authentication (MFA) can help to protect organizations and their customers from account takeovers, it cannot be seen as a silver bullet to solve the problem of account take overs.
“Enterprises - and the companies that work for and with them - need to be better prepared for this sort of brute force attack,” added Holland.
Other steps businesses should take to protect against credential stuffing include:
1. Monitor for leaked credentials of your employees. Troy Hunt’s https://www.haveibeenpwned.com is a great resource for this, alerting you to instances of breaches including your organization’s email domain.
2. Monitor for mentions of your company and brand names across cracking forums. This can help to inform the security solutions you invest in. Use Google Alerts for this – Johnny Long some great tips for doing so (http://www.mrjoeyjohnson.com/Google.Hacking.Filters.pdf) and it can help identify the specific risks to your business.
3. Monitor for leaked credentials of your customers, allowing you to take a more proactive response.
4. Deploy an inline Web Application Firewall. Commercial and open source web application firewalls, like ModSecurity, can be used to identify and block credential stuffing attacks.
5. Increase user awareness. Educate your staff and consumers about the dangers of using corporate email address for personal accounts, as well as reusing passwords.
6. Gain an awareness of credential stuffing tools. Keep an eye on the development of credential stuffing tools, and of how your security solutions compare to their capabilities.
7. Implement multi-factor authentication that doesn’t leverage SMS. This can help to reduce account takeovers, but make sure this is balanced against the friction it can cause.
You can access the full report ‘Protect Your Customer and Employee Accounts, 7 Ways To Mitigate The Growing Risks Of Account Takeovers’ at: http://info.digitalshadows.com/AccountTakeover-PR_Registration.html
Digital Shadows provides insight into an organization’s digital risks and the threat actors targeting them. The Digital Shadows SearchLight™ service combines scalable data analytics with human analysts to monitor for cyber threats, data leakage, and reputation risks. Digital Shadows continually monitors the Internet across the visible, deep and dark web, as well as other online sources to create an up-to-the minute view of an organization’s digital risk and provide it with tailored threat intelligence. The company is jointly headquartered in London and San Francisco. For more information, visit www.digitalshadows.com
Conrad Offices, 19th Floor
Sheikh Zayed Road, Dubai
This release was published on openPR.
Permanent link to this press release:
Copy
Please set a link in the press area of your homepage to this press release on openPR. openPR disclaims liability for any content contained in this release.
You can edit or delete your press release Digital Shadows Research Reveals Password and Username Reuse is Major Threat to Enterprise Security here
News-ID: 553809 • Views: …
More Releases from OAK Consulting FZC
FarEye launches its Delivery Experience Suite – ‘Delight’
Dubai, United Arab Emirates, July 5, 2018: FarEye, a leading global digital logistics platform today announced the launch of its Delivery Experience Suite – ‘Delight’ that helps businesses increase their Delivery Happiness Score – the ultimate measure of customer success. It enables businesses to provide a seamless and personalized experience to the customers.
FarEye is a leader in B2C logistics technology and is widely used by global giants like Walmart, DHL,…
FarEye expands its footprint in the European market with the launch of its regio …
Dubai, United Arab Emirates, June 24, 2018: FarEye, a leading global digital logistics platform, today announced the opening of its first European office in the heart of London with an aim to expand its business foothold in the region and to serve its customers directly. With a total of 6 corporate offices in India, Dubai and Singapore, FarEye currently serves customers in over 20 countries.
FarEye has revolutionized the logistics…
Digital Shadows announces its Digital Risk Management Technology Ecosystem
Dubai, UAE, October 24, 2017 – Digital Shadows, the industry leader in digital risk management, today announced the launch of its Digital Risk Management Technology Ecosystem. Formed from almost a dozen technology companies, with more expected to join in the coming months, they all share a vision for how security analytics and security information and event management (SIEM), product orchestration and automation, risk & compliance, intelligence and network enforcement, must…
Ring partners with Al Jammaz to provide smart home security for Saudi Arabia
Riyadh, Saudi Arabia – October 18, 2017: Ring, the leader in smart home security recently announced a partnership agreement with Al Jammaz Distribution, the leading Saudi based Value-Added Distributor, which distributes advanced technology products, solutions and services. This partnership will help Ring foray and expand its reach across the Saudi market offering customers Ring’s innovative home security products and solutions.
“Ring believes in keeping homes and communities safe rather than…
More Releases for Digital
Digital Therapeutics Market, Digital Therapeutics Market Size, Digital Therapeut …
The global digital therapeutics market is expected to reach US$ 8,941.1 Mn by 2025 from US$ 1,993.2 Mn in 2017. The market is estimated to grow with a CAGR of 20.8% during the forecast period from 2018 to 2025.
North America is the largest geographic market and it is expected to be the largest revenue generator during the forecast period, whereas the market is expected to witness growth at a significant…
Digital Advertising on Mobil Market Analysis 2019 Top Growing Companies: Adverti …
Digital Advertising on Mobil Market
Digital Advertising on Mobile Market is a type of advertising that shows that mobile devices such as smart phones and tablets have wireless connectivity. For mobile devices with fewer lenses than computers or laptops, digital media formats are often the most suitable for small displays through outputs. Telephone advertising is the communication of products or services of mobile devices and consumers. Telephone announcements range from…
Digital Package Market Size by Analyzing Historical Data, Future Prospect and Ke …
Global Digital Package Industry 2019-2025 Market Research Report explores an in-depth insight of Digital Package Market covering all important parameters including development trends, challenges, opportunities, key manufacturers and competitive analysis. This in-depth market report, which is updated every year, provides all you need to know about the global Digital Package market. The report includes the market volumes for Digital Package present and latest news and updates about the market situation.Digital…
Digital Display Market Future Growth with Worldwide Players (Digital Virgo, Digi …
Digital Display Industry 2019 Global Market 2025 research report represents the historical overview of current Market situation, size, share, trends, growth, supply, outlook and manufacturers with detailed analysis. It also focuses on Digital Display volume and value at global level, regional level and company level. From a global perspective, this report represents overall Digital Display market size by analyzing historical data and future prospect.
Get Sample Copy of this Report -…
Top Key Players like Digital Brand Architects, Marketing Factory Inc., Digital A …
Digital Marketing Strategy is the series of actions that help you to achieve your company goals through carefully selected online marketing channels. These channels include paid, earned, and owned media, and can all support a common campaign around a particular line of business. Here we include some digital marketing strategies that can help to grow business in future: Setting a Goal, Creating a Marketing Funnel, Developing a call-to-action, creating an…
Digital Video Recorder Market - Digital Technology With The Adoption of Digital …
A digital video recorder (DVR) is an electronic device that records video in a digital format to a hard disk drive (HDD), solid state drive (SSD), USB flash drive, SD card, or other mass storage devices. Digital video recorders include set-top-boxes, television sets, personal computers, camcorders, and media players with recording capability. Digital video recorders are used mainly for entertainment and security and surveillance applications. Fast data retrieval, less storage…